The present disclosure relates to systems for setting keys in devices and in media cards which perform authentication processing and/or cryptographic processing for copyright protection of digital audio/video (AV) content.
Digital AV content to be recorded on a secure digital (SD) card or on a digital versatile disc (DVD) medium is recorded on the medium in an encrypted form for copyright protection. A device for recording and/or reproducing such content stores a key to decrypt the encrypted content. In addition, some copyright protection techniques achieve greater security by requiring the media card storing the content to itself perform cryptographic processing and/or authentication processing. Moreover, a distribution system of copyrighted content sends the distributed content to devices also in an encrypted form, and records the content in an encrypted form even in the hard disk drives (HDDs) etc. in the devices. Such a device or a media card stores a key for encrypting/decrypting the content to be protected, and for authenticating a peer device and/or the media card. A key described above, stored in a device for copyright protection, is hereinafter referred to as “device key.” A host and a media card which perform cryptographic processing and/or authentication processing are hereinafter collectively referred to as “device.”
A device key is issued by a key issuing authority which is managed by a licensing entity of copyright protection technology. A device key has a different value for each device, and thus a same device key is not allowed to be set in a plurality of devices. Moreover, a device key needs to be set in a device so as not to be easily analyzed and revealed by a user. Criteria for securely setting a device key in a device are defined in secure implementation guidelines called robustness rules. Manufacturers which fabricate the devices are required to comply with these guidelines by contract.
Japanese Patent Publication No. 2002-185447 (Patent Document 1) describes a conventional technology for setting a device key in a device. This conventional technology is described in which, when manufacturing a large-scale integrated circuit (LSI), a key common to LSIs, referred to as internal key, is set in the LSI. When a device is fabricated, the device manufacturer encrypts the device key to be set in the device using this internal key, and stores the encrypted device key in an electrically erasable programmable read-only memory (EEPROM) external to the LSI. When the content is decrypted, the LSI in the device reads the encrypted device key from the EEPROM, and decrypts the encrypted device key using the internal key, thereby obtains the plaintext device key. Then, using the obtained device key, the encrypted content is decrypted. This conventional technology allows the device key to be stored in an encrypted form in the EEPROM. Accordingly, even if an unauthorized user attempts to analyze the data stored in the EEPROM, the user can obtain only the encrypted device key. Moreover, the internal key for decrypting the encrypted device key is enclosed in the LSI, and analyzing data in the LSI is much more difficult than analyzing data in the EEPROM. Therefore, it can be said that the device key is set in the device at a security level equivalent to that of when the device key is set in the LSI.
However, the present inventors have found that this conventional technology has the following problems.
(1) Risk of Unauthorized Leaks and Unauthorized Use of Device Key by Device Manufacturer
The conventional technology is described in which encryption processing of a device key using an internal key is performed by the device manufacturer. That is, the key issuing authority needs to provide plaintext device keys to device manufacturers. Thus, there is a concern about unauthorized leaks and unauthorized use of a device key by an unauthorized device manufacturer.
In general, devices can be fabricated under an environment capable of purchasing parts such as LSIs and of assembling devices from such parts. Accordingly, as compared to the LSI manufacturing which requires extensive facilities, device fabrication is easier to start, and thus it is highly likely that a fraudulent device manufacturer is involved.
(2) Risk of Clone Device Production by Copying Device Key
The conventional technology is described in which the device key is encrypted using an internal key common to LSIs, and is stored in the EEPROM. Thus, simply copying the encrypted device key data stored in the EEPROM of a certain device into the EEPROM of another device allows the LSI of the another device to correctly decrypt the copied encrypted device key into the plaintext device key. That is, the device key of a certain device can be used in another device, thereby allowing a clone device to be produced. For example, robustness rules of a copyright protection technology called an advanced access content system (AACS) for blu-ray discs (BDs) require a device key implementation which prevents clone device production by copying encrypted device key data as described above; however, this conventional technology fails to meet this requirement.
(3) Extensibility of Selective Use of Internal Keys
The conventional technology discloses a configuration such that a plurality of internal keys are set in each LSI, and the internal keys are selectively used, for example, based on which device manufacturer supplies the LSI. The method of this conventional technology is applicable if the number of device manufacturers is relatively low (several to about a dozen); however, from a viewpoint of implementation cost, the maximum number of internal keys that can be set has a limit Thus, if there exist a large number of device manufacturers, applying this method is difficult. Furthermore, it is practically impossible to selectively use one internal key for each LSI in order to solve the problem numbered 2 described above. In addition, if a need arises to supply LSIs to more device manufacturers than that foreseen at the time of development, redesign of the LSI is required because the conventional example does not allow the internal keys to be added later.
Note that, in addition to this conventional technology, other conventional technologies are described in Japanese Patent Publications Nos. 2003-134101 (Patent Document 2), 2003-101527 (Patent Document 3), and 2005-294952 (Patent Document 4). These conventional technologies also have problems as follows.
Patent Document 2 discloses a configuration which is basically similar to that of Patent Document 1, and therefore has the problems numbered 1, 2, and 3 described above.
Although the technologies disclosed in Patent Documents 3 and 4 solve the problems numbered 1 and 2, Patent Documents 3 and 4 do not disclose any configuration which solves the problem numbered 3, and in addition, have another problem, which is numbered 4, as follows. (4) Management of Encrypted Device Key When Setting Key in Device
Patent Documents 3 and 4 disclose a configuration such that encrypted data generated based on a constant (Const) or a fuse value (IDfuse) set in the LSI is recorded in a storage unit external to the LSI. In this method, setting a different constant or fuse value in each LSI allows the above encrypted data generated by an encrypted data generator to be correctly decrypted only in the single particular LSI. However, if encrypted data may be set in an LSI having no correspondence to the encrypted data, the LSI cannot correctly decrypt the encrypted data into the device key, and thus the content cannot be correctly encrypted and/or decrypted. Thus, when fabricating devices, it would be necessary to strictly manage the correspondence between LSIs and encrypted data on a one-to-one basis, and to write the encrypted data in the external memory of an LSI which has correct correspondence to the encrypted data. Performing such data management during the device fabrication process places a burden, and results in an increase of the manufacturing cost.